<?php include("include/config.php");include("include/functions/import

1.  
2. <?php
3.  
4.  
5. include("include/config.php");
6. include("include/functions/import.php");
7.  
8. $redirect = stripslashes($_REQUEST['redirect']);
9. $r = base64_decode($redirect);
10. STemplate::assign('r',$r);
11.  
12. if ($_SESSION['USERID'] != "" && $redirect != "")
13. {
14. header("Location:$redirect");exit;
15. }
16.  
17. if($_REQUEST['logsub']!="")
18. {
19. $username = htmlentities(strip_tags($_REQUEST['username']), ENT_COMPAT, "UTF-8");
20. $password = htmlentities(strip_tags($_REQUEST['password']), ENT_COMPAT, "UTF-8");
21.  
22. if($username=="")
23. {
24. $error=$lang['4'];
25. }
26. elseif($password=="")
27. {
28. $error=$lang['5'];
29. }
30. else
31. {
32. if(!verify_valid_email($username))
33. {
34. $encryptedpassword = md5($password);
35. $query="SELECT status,USERID,email,username,verified,filter,mylang from members WHERE username='".mysql_real_escape_string($username)."' and password='".mysql_real_escape_string($encryptedpassword)."'";
36. $result=$conn->execute($query);
37.  
38. if($result->recordcount()<1)
39. {
40. $error=$lang['26'];
41. }
42. elseif($result->fields['status']=="0")
43. {
44. $error = $lang['30'];
45. }
46.  
47. if($error=="")
48. {
49. $query="update members set lastlogin='".time()."', lip='".$_SERVER['REMOTE_ADDR']."' WHERE username='".mysql_real_escape_string($username)."'";
50. $conn->execute($query);
51. $_SESSION['USERID']=$result->fields['USERID'];
52. $_SESSION['EMAIL']=$result->fields['email'];
53. $_SESSION['USERNAME']=$result->fields['username'];
54. $_SESSION['VERIFIED']=$result->fields['verified'];
55. $_SESSION['FILTER']=$result->fields['filter'];
56. $setlang = $result->fields['mylang'];
57. if($setlang != "")
58. {
59. $addlang = "?language=".$setlang;
60. }
61. if($_REQUEST["remember"]=="yes")
62. {
63. create_slrememberme();
64. }
65.  
66. if($redirect == "")
67. {
68. header("Location:$config[baseurl]/settings".$addlang);exit;
69. }
70. else
71. {
72. header("Location:$redirect");exit;
73. }
74.  
75. }
76. }
77. else
78. {
79. $encryptedpassword = md5($password);
80. $query="SELECT status,USERID,email,username,verified,filter,mylang from members WHERE email='".mysql_real_escape_string($username)."' and password='".mysql_real_escape_string($encryptedpassword)."'";
81. $result=$conn->execute($query);
82.  
83. if($result->recordcount()<1)
84. {
85. $error=$lang['37'];
86. }
87. elseif($result->fields['status']=="0")
88. {
89. $error = $lang['30'];
90. }
91.  
92. if($error=="")
93. {
94. $query="update members set lastlogin='".time()."', lip='".$_SERVER['REMOTE_ADDR']."' WHERE username='".mysql_real_escape_string($username)."'";
95. $conn->execute($query);
96. $_SESSION['USERID']=$result->fields['USERID'];
97. $_SESSION['EMAIL']=$result->fields['email'];
98. $_SESSION['USERNAME']=$result->fields['username'];
99. $_SESSION['VERIFIED']=$result->fields['verified'];
100. $_SESSION['FILTER']=$result->fields['filter'];
101. $setlang = $result->fields['mylang'];
102. if($setlang != "")
103. {
104. $addlang = "?language=".$setlang;
105. }
106. if($_REQUEST["remember"]=="yes")
107. {
108. create_slrememberme();
109. }
110.  
111. if($redirect == "")
112. {
113. header("Location:$config[baseurl]/settings".$addlang);exit;
114. }
115. else
116. {
117. header("Location:$redirect");exit;
118. }
119.  
120. }
121. }
122. }
123. }
124.  
125. $pagetitle = $lang['11'];
126. STemplate::assign('pagetitle',$pagetitle);
127. STemplate::assign('error',$error);
128.  
129. //TEMPLATES BEGIN
130. STemplate::display('login.tpl');
131. //TEMPLATES END
132. ?>